EVP_CipherInit() doesn't check for weak DES keys (0.9.6)

Given that the EVP level is supposed to offer callers a cipher-independent interface, where the caller doesn't necessarily know the idiosyncracies of the underlying cipher, wouldn't it make sense for evp/e_des3.c to call des_set_key_checked() instead of des_set_key_unchecked() and return an error

Re: EVP_CipherInit() doesn't check for weak DES keys (0.9.6)

James Yonan wrote: > > Given that the EVP level is supposed to offer callers a cipher-independent > interface, where the caller doesn't necessarily know the idiosyncracies of > the underlying cipher, wouldn't it make sense for evp/e_des3.c to call > des_set_key_checked() instead of des_set_key_un

Re: EVP_CipherInit() doesn't check for weak DES keys (0.9.6)

> James Yonan wrote: > > > > Given that the EVP level is supposed to offer callers a cipher-independent > > interface, where the caller doesn't necessarily know the idiosyncracies of > > the underlying cipher, wouldn't it make sense for evp/e_des3.c to call > > des_set_key_checked() instead of des

RE: EVP_CipherInit() doesn't check for weak DES keys (0.9.6)

To: [EMAIL PROTECTED] Subject: Re: EVP_CipherInit() doesn't check for weak DES keys (0.9.6) > James Yonan wrote: > > > > Given that the EVP level is supposed to offer callers a cipher-independent > > interface, where the caller doesn't necessarily know the idiosyncra

Re: EVP & DES, was: EVP_CipherInit() doesn't check for weak DES keys (0.9.6)

To: <[EMAIL PROTECTED]> Sent: Wednesday, April 03, 2002 6:39 AM Subject: RE: EVP_CipherInit() doesn't check for weak DES keys (0.9.6) > Good idea except the same mutate must also be performed on the "other" end or you'll end up with a key mismatch. We don't alwa

Re: EVP & DES, was: EVP_CipherInit() doesn't check for weak DES keys (0.9.6)

On Wed, Apr 03, 2002 at 11:12:40PM -0700, James Yonan wrote: > > (b) Some kind of *optional* EVP method (so it doesn't break interoperability > with non-OpenSSL clients) that, given an EVP_CIPHER and key, will > deterministically mutate the key into a correct form. Out of 2^56 DES keys, there a

Re: EVP & DES, was: EVP_CipherInit() doesn't check for weak DES keys (0.9.6)

> Out of 2^56 DES keys, there are four weak keys and 12 semi-weak keys. > The odds of getting a weak key are incredibly slight. Most people > don't bother to check, and it isn't considered a security risk. True, weak or semi-weak keys are improbable. I was thinking more about maintaining proper

Re: EVP & DES, was: EVP_CipherInit() doesn't check for weak DES keys (0.9.6)

On Thu, Apr 04, 2002 at 04:07:47AM -0700, James Yonan wrote: > > I was thinking more about maintaining proper key parity. Does a client of > EVP need to worry about making sure that if DES is the underlying cipher, > that passed keys have the proper parity? Generally, people just ignore the par